1. Specifications:

a) Prevent all traffic from the workstation 170.16.10.5 from reaching the workstation 170.16.80.16. Traffic from all other hosts/networks, including traffic from outside, should be allowed.

b) Traffic from the network 170.16.40.0 must not be allowed on the 170.16.50.0 network. All other traffic originating from 170.16.0.0 networks must be allowed (that is, outside traffic must not be allowed).

c) Workstations 170.16.50.75 and 170.16.50.7 should not be allowed HTTP access on tower box 170.16.70.2. All other workstations can have HTTP access on the tower box. All other traffic, including traffic from outside networks, is allowed.

d) 170.16.80.16 can telnet to 170.16.40.89. No one else from the network 170.16.80.0 can telnet to 170.16.40.89. All other hosts can telnet to 40.89. Also permit all other traffic, but only as long as it originates from 170.16.0.0 (that is, do not allow outside traffic).

e) Allow ftp access only from the host 170.16.10.5 onto any host on the network 170.16.70.0. All other types of traffic from all other hosts are allowed, but only as long as they originate from 170.16.0.0 (that is, do not allow outside traffic).

f) Prevent traffic from the network 170.16.20.0 from flowing on the network 170.16.70.0. All other traffic, including traffic from outside, can.

g) Prevent traffic from the tower box 170.16.70.2 from going outside to the non-170.16.0.0 network. All other traffic can go out.
Exercise 2: Write two programs (one for standard and one for extended) that simulate the processing of an ACL at a router’s interface. Each program should read two text files, one containing ACL statements, and another containing a list of IP addresses that represent packets coming into the interface. The input to the standard ACL program will be just a list of source IP addresses while the input to the extended ACL program will be a list of source IP address, destination IP address and port number. The program should process each packet according to the ACL statements and decide to permit or deny each packet. You may assume that the program is simulating the ACL (either in or out) at just one interface.
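A sketch of the standard-ACL half of Exercise 2, added here as an example and not part of the original exercise sheet: it shows wildcard-mask matching, first-match evaluation and the implicit deny at the end of the list. Assumptions: the statements use Cisco IOS numbered standard ACL syntax, the sample ACL encodes specification (b) with /24 subnets, and the functions take iterables of lines (an open file works) instead of file names.

```python
import ipaddress

def ip_to_int(text):
    return int(ipaddress.IPv4Address(text))

def parse_standard_acl(lines):
    """Parse 'access-list <n> permit|deny <source> [wildcard]' lines into rules."""
    rules = []
    for raw in lines:
        parts = raw.split("!")[0].split()      # '!' starts a comment
        if not parts:
            continue
        if len(parts) < 4 or parts[0] != "access-list" or parts[2] not in ("permit", "deny"):
            raise ValueError(f"unsupported ACL line: {raw!r}")
        action, spec = parts[2], parts[3:]
        if spec[0] == "any":
            addr, wildcard = 0, 0xFFFFFFFF     # every bit is "don't care"
        elif spec[0] == "host":
            addr, wildcard = ip_to_int(spec[1]), 0
        else:
            addr = ip_to_int(spec[0])
            wildcard = ip_to_int(spec[1]) if len(spec) > 1 else 0
        rules.append((action, addr, wildcard))
    return rules

def evaluate(rules, source):
    """Return 'permit' or 'deny' for one source address; the first match wins."""
    src = ip_to_int(source)
    for action, addr, wildcard in rules:
        care = ~wildcard & 0xFFFFFFFF          # wildcard 0-bits must match exactly
        if (src & care) == (addr & care):
            return action
    return "deny"                              # implicit deny when nothing matches

def simulate(acl_lines, packet_lines):
    rules = parse_standard_acl(acl_lines)
    return [(p.strip(), evaluate(rules, p.strip())) for p in packet_lines if p.strip()]

# Constructed sample input: specification (b), assuming /24 subnets.
SAMPLE_ACL = [
    "access-list 1 deny 170.16.40.0 0.0.0.255",
    "access-list 1 permit 170.16.0.0 0.0.255.255",
]
SAMPLE_PACKETS = ["170.16.40.9", "170.16.10.5", "170.16.50.75", "10.1.1.1"]

if __name__ == "__main__":
    for src, verdict in simulate(SAMPLE_ACL, SAMPLE_PACKETS):
        print(f"{src:<15} {verdict}")
```

Swapping the two sample statements permits 170.16.40.9, because the broader permit then matches first and the deny is never reached.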